Announced in May 2025 and now entering its second phase, the initiative is called Trillion Dollar Security (1TS). It is co-chaired by Fredrik Svantes, the Foundation's Protocol Security Lead, and Josh Stark from EF Management. The program comes as Ethereum holds approximately $70 billion in total value locked (TVL), representing around 68% of the global decentralised finance market, according to DefiLlama data. Its nearest rivals, Solana and BNB Chain, hold roughly $9.3 billion and $7.2 billion respectively.

The Foundation described the ambition plainly in its May 14, 2025 announcement post on the Ethereum Foundation Blog: "Being the most secure platform in the crypto ecosystem isn't enough. Ethereum's ambition is to be a foundational layer of the global financial system."

---

The scale of the problem is not hypothetical. Crypto losses from smart contract exploits exceeded $3.5 billion in 2024, with access control failures alone accounting for approximately $953.2 million. The first quarter of 2025 saw more than $2 billion in losses from contract bugs, access control failures, and operational errors.

Significant incidents in 2025 extend well beyond that opening quarter. A $223 million exploit of the Cetus decentralised exchange in May 2025 was caused by a missed integer overflow check in the code, and a $40 to $42 million exploit of GMX V1 followed in July 2025. The February 2025 Bybit breach reached $1.5 billion and has been widely attributed to North Korea's Lazarus Group.

The 1TS initiative is structured in three phases: mapping security weaknesses across the full stack, executing fixes and investments, and communicating Ethereum's security posture in terms that institutions and governments can evaluate. The security review covers six areas: user experience, smart contract code, cloud and internet infrastructure, the consensus protocol itself, monitoring and incident response, and Social Layer and Governance, which addresses governance capture via stake concentration as well as regulatory pressure on development teams.

Ecosystem stewards include pseudonymous security researcher samczsun, who founded the Security Alliance (SEAL) in early 2024 and serves as a security advisor at Paradigm; Mehdi Zerouali, co-founder of Sigma Prime, who brings over 15 years of offensive security experience; and Zach Obront, co-founder of Etherealize. The initiative's security infrastructure carries substantial institutional weight: Vitalik Buterin personally contributed $500,000 to SEAL, and the alliance counts Paradigm, a16z, Electric Capital, and Coinbase among its backers.

---

Phase 2, launched in August 2025, identifies user experience as the most urgent problem area. Three concrete workstreams followed from that finding. First, the Foundation issued a grant to Walletbeat, a project modelled on L2BEAT (a transparency tool for Ethereum's Layer 2 scaling solutions), to develop minimum security standards for crypto wallets. Second, the initiative is developing a structured "tech tree" of solutions to address blind signing, a prioritised sequence of technical fixes designed to work through the problem systematically. Third, the Foundation is funding an open-source database of known smart contract vulnerabilities, enabling developers to scan their code before deployment.

Blind signing refers to a condition where a wallet cannot display transaction data in plain language, instead showing a cryptographic hash or a vague prompt. This creates an opening for attackers to embed harmful instructions, such as unlimited token approvals or commands to sweep a wallet's assets, that the user cannot read or reject. The Walletbeat standard would require wallets to meet four specific criteria: transparent transaction display in readable form, compromise-resistant interfaces, privacy-supporting architecture, and approval management. Compliance scores would be published publicly.

---

The practical stakes are sharpest in regions where crypto adoption is growing fastest. South Asia recorded roughly $300 billion in crypto transaction volume between January and July 2025, an 80% increase over the prior year, with India ranking first in the Chainalysis 2025 Global Crypto Adoption Index. Africa's crypto user base recorded significant growth in 2025, with some measures placing the continent among the fastest-growing regions globally.

In both regions, mobile wallets are the primary access point and users are often onboarding without deep technical backgrounds.

The blind signing problem maps onto these conditions in concrete ways. India's 2025 Treasure NFT collapse, a scheme estimated to have taken roughly $800 million from users across India and Pakistan, illustrates the broader harm that can result when wallet interfaces fail to surface readable transaction data for ordinary users.

The July 2025 CoinDCX breach, which cost the Indian exchange $44.2 million after a software engineer was reportedly tricked into installing malware, shows that infrastructure-level threats affect even technically sophisticated local actors.

In Nigeria, which ranks among the top three global crypto user bases, the CBEX Ponzi scheme raised serious concerns about inadequate user protections in crypto markets. An IMF paper on crypto market regulation in the country was published in July 2025.

For developers in markets where formal security audits are cost-prohibitive, the open-source vulnerability database from Phase 2 could serve as a free pre-deployment screening layer. For institutions, including development banks, sovereign wealth funds, and sovereign entities evaluating Ethereum as financial infrastructure, the initiative's institutional track provides a framework for assessing network risk and evaluating Ethereum as an infrastructure layer.

---

No completion timeline for the full mapping phase has been announced in publicly available initiative documentation. With over 8 million contracts already verified through the Verifier Alliance and ecosystem surveys underway, additional workstreams are likely to emerge as community input and the mapping phase progress.

Developers and security researchers can submit findings via the dedicated email address trilliondollarsecurity@ethereum.org or through the initiative's public submission form.

The Walletbeat scoring framework represents the clearest near-term signal of whether minimum security standards gain traction across the wallet ecosystem.